using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.Practices.EnterpriseLibrary.Data;
using System.Data.Common;
using System.Data;
using Garlic.DM.DataModel;

namespace Garlic.DAL
{
    public partial class AuthDAL
    {
        private const string HASAUTHORIZED = "select  " +
                                            "auth.role_id," +
                                            "auth.resource_type," +
                                            "auth.resource_name," +
                                            "auth.resource_id" +
                                            "  from TS_BAS_Auth auth,TS_BAS_Role role,TR_BAS_User_Role rUserRole,TS_BAS_User usr " +
            " where usr.user_id=:UserID and usr.user_id=rUserRole.user_id " +
            " and role.rold_id=rUserRole.role_id and role.role_id=auth.role_id and auth.resource_name=:ResourceName";

        private const string GETAUTHS = "select   " +
                                            "auth.role_id," +
                                            "auth.resource_type," +
                                            "auth.resource_name," +
                                            "auth.resource_id" +
                                            "   from TS_BAS_Auth auth,TS_BAS_Role role,TR_BAS_User_Role rUserRole,TS_BAS_User usr " +
            " where usr.user_id=:UserID and usr.user_id=rUserRole.user_id " +
            " and role.role_id=rUserRole.role_id and role.role_id=auth.role_id and auth.resource_type=:ResourceType";
        private const string GXYUTHS = "select   " +
                                           "auth.role_id," +
                                           "auth.resource_type," +
                                           "auth.resource_name," +
                                           "auth.resource_id" +
                                           "   from TS_BAS_Auth auth,TS_BAS_Role role,TR_BAS_User_Role rUserRole,TS_BAS_User usr " +
           " where usr.user_id=:UserID and usr.user_id=rUserRole.user_id " +
           " and role.role_id=rUserRole.role_id and role.role_id=auth.role_id and auth.resource_type=:ResourceType";
        
        public static bool HasAuthorized(string resourceName, int userID)
        {
            Database db = DatabaseFactory.CreateDatabase();
            DbCommand dbCommand = db.GetSqlStringCommand(HASAUTHORIZED);
            db.AddInParameter(dbCommand, "UserID", DbType.Int32, userID);
            db.AddInParameter(dbCommand, "ResourceName", DbType.String, resourceName);


            using (IDataReader dr = db.ExecuteReader(dbCommand))
            {
                if (dr.Read())
                {
                    return true;
                }
                else
                    return false;
            }
        }

        public static List<AuthInfo> GetAuths(int userID, string resourceType)
        {
            Database db = DatabaseFactory.CreateDatabase();
            DbCommand dbCommand = db.GetSqlStringCommand(GETAUTHS);
            db.AddInParameter(dbCommand, "UserID", DbType.Int32, userID);
            db.AddInParameter(dbCommand, "ResourceType", DbType.String, resourceType);

            List<AuthInfo> auths = new List<AuthInfo>();
            using (IDataReader dr = db.ExecuteReader(dbCommand))
            {
                while (dr.Read())
                {
                    auths.Add(CreateAuthInfo(dr));
                }
            }

            return auths;
        }

        private static AuthInfo CreateAuthInfo(IDataReader rdr)
        {
            AuthInfo myauthInfo = new AuthInfo();
            myauthInfo.Role_id = rdr.GetInt32(0);
            myauthInfo.Resource_type = rdr.GetString(1);
            myauthInfo.Resource_name = rdr.GetString(2);
            myauthInfo.Resource_id = rdr.GetInt32(3);

            return myauthInfo;
        }

        public static void DeleteAuthAboutResource(int resourceid, string resourcetype)
        {
            try
            {
                Database db = DatabaseFactory.CreateDatabase();
                string msql = "delete TS_BAS_Auth where resource_id=:resourceid and resource_type=:resourcetype";
                DbCommand dbCommand = db.GetSqlStringCommand(msql);
                db.AddInParameter(dbCommand, "resourceid", DbType.Int32, resourceid);
                db.AddInParameter(dbCommand, "resourcetype", DbType.String, resourcetype);

                db.ExecuteNonQuery(dbCommand);
            }
            catch (System.Exception ex)
            {
                throw;
            }
        }

        public static void DeleteAuthAboutResource(string resourceids, string resourcetype)
        {
            try
            {
                Database db = DatabaseFactory.CreateDatabase();
                string msql = "delete TS_BAS_Auth where resource_id in (" + resourceids + ") and resource_type=:resourcetype";
                DbCommand dbCommand = db.GetSqlStringCommand(msql);
                //db.AddInParameter(dbCommand, "resourceids", DbType.String, resourceids);
                db.AddInParameter(dbCommand, "resourcetype", DbType.String, resourcetype);

                db.ExecuteNonQuery(dbCommand);
            }
            catch (System.Exception ex)
            {
                throw;
            }
        }

        public static void RemoveResourceToRole(int resourceid, int roleid, string resourcetype)
        {
            try
            {
                Database db = DatabaseFactory.CreateDatabase();
                string msql = "delete TS_BAS_Auth where resource_id=:resourceid and role_id=:roleid and resource_type=:resourcetype";
                DbCommand dbCommand = db.GetSqlStringCommand(msql);
                db.AddInParameter(dbCommand, "resourceid", DbType.Int32, resourceid);
                db.AddInParameter(dbCommand, "roleid", DbType.Int32, roleid);
                db.AddInParameter(dbCommand, "resourcetype", DbType.String, resourcetype);

                db.ExecuteNonQuery(dbCommand);
            }
            catch (System.Exception ex)
            {
                throw;
            }
        }

        public static void AddResourceToRole(int resourceid, int roleID, string resourcename, string resourcetype)
        {
            try
            {
                Database db = DatabaseFactory.CreateDatabase();
                string msql = "insert into TS_BAS_Auth(role_id,resource_id,resource_name,resource_type) values (:roleid,:resourceid,:resourcename,:resourcetype)";
                DbCommand dbCommand = db.GetSqlStringCommand(msql);
                db.AddInParameter(dbCommand, "roleid", DbType.Int32, roleID);
                db.AddInParameter(dbCommand, "resourceid", DbType.Int32, resourceid);
                db.AddInParameter(dbCommand, "resourcename", DbType.String, resourcename);
                db.AddInParameter(dbCommand, "resourcetype", DbType.String, resourcetype);

                db.ExecuteNonQuery(dbCommand);
            }
            catch (System.Exception ex)
            {
                throw;
            }
        }
        public static List<AuthInfo> GXYuths(int userID, string resourceType)
        {
            Database db = DatabaseFactory.CreateDatabase();
            DbCommand dbCommand = db.GetSqlStringCommand(GXYUTHS);
            db.AddInParameter(dbCommand, "UserID", DbType.Int32, userID);
            db.AddInParameter(dbCommand, "ResourceType", DbType.String, resourceType);

            List<AuthInfo> auths = new List<AuthInfo>();
            using (IDataReader dr = db.ExecuteReader(dbCommand))
            {
                while (dr.Read())
                {
                    auths.Add(CreateAuthInfo(dr));
                }
            }

            return auths;
        }
    }
}
